Posted to user@guacamole.apache.org by "Tourville, Jeremy A CTR USARMY DEVCOM AVMC (USA)" <je...@army.mil.INVALID> on 2022/10/31 18:45:49 UTC

RE: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin

This isn’t my own custom image per se.  The image URL is from Iron Bank.  https://ironbank.dso.mil/about
“The Iron Bank is the DoD repository of digitally signed, binary container images that have been hardened and accredited for DoD-wide use across classifications. All containers provide a variety of information such as their build and approval date, approval status, scan results, and more. The goal is to provide a place where DoD programs can find and utilize cutting-edge software and tools for their programs! Prior to creating a new container image, DoD programs can now check to see if the software they want to use is already containerized and exists in the Iron Bank for their use. If no container image exists, requests can be made with the Iron Bank onboarding team to add the container to our list. All containers must be sponsored by a DoD program or directly by a vendor.”

The Iron Bank Image is derived from the Guacamole image.  They take the image and rebase it.  They also try to harden all images for security.  I can provide the Dockerfile if needed.

That being said, I will take a look at the location you referenced.  I had seen other forums mention that path and some seemed to indicate it was a false positive.

From: Michael Jumper <mj...@apache.org>
Sent: Saturday, October 29, 2022 1:08 PM
To: user@guacamole.apache.org
Subject: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin



Is this your own, custom/modified Docker image? I see the following in your logs:

ERROR o.a.g.GuacamoleServletContextListener - Unable to read guacamole.properties: "/etc/guacamole/guacamole.properties" does not exist.

The "guacamole/guacamole" image we provide uses a different directory for this and automatically generates the guacamole.properties config file on startup. The fact that it's looking in /etc/guacamole suggests that something has been altered in the image that has resulted in the webapp being unable to find the files generated by the image's entrypoint.

- Mike


On Wed, Oct 26, 2022 at 12:12 PM Tourville, Jeremy A CTR USARMY DEVCOM AVMC (USA) <je...@army.mil.invalid> wrote:
I ran docker-compose down, cleared my db folder (thus forcing the db to be recreated and the init script to run) and ran docker-compose up.

Here is my log:

C:\Users\TourvilleJA\Documents\Containers\guacamole>docker-compose up
Creating network "guacamole_guacnetwork" with the default driver
Creating guacd    ... done
Creating postgres ... done
Creating guacamole ... done
Attaching to guacd, postgres, guacamole
guacd        | guacd[1]: INFO:  Guacamole proxy daemon (guacd) version 1.4.0 started
guacd        | guacd[1]: INFO:  Listening on host 0.0.0.0, port 4822
postgres     | The files belonging to this database system will be owned by user "postgres".
postgres     | This user must also own the server process.
postgres     |
postgres     | The database cluster will be initialized with locale "en_US.utf8".
postgres     | The default database encoding has accordingly been set to "UTF8".
postgres     | The default text search configuration will be set to "english".
postgres     |
postgres     | Data page checksums are disabled.
postgres     |
postgres     | fixing permissions on existing directory /var/lib/postgresql/data/guacamole ... ok
postgres     | creating subdirectories ... ok
postgres     | selecting dynamic shared memory implementation ... posix
postgres     | selecting default max_connections ... 100
postgres     | selecting default shared_buffers ... 128MB
postgres     | selecting default time zone ... Etc/UTC
postgres     | creating configuration files ... ok
guacamole    | 26-Oct-2022 19:07:25.173 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/8.5.82
guacamole    | 26-Oct-2022 19:07:25.175 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Aug 8 2022 21:26:07 UTC
guacamole    | 26-Oct-2022 19:07:25.175 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 8.5.82.0
guacamole    | 26-Oct-2022 19:07:25.176 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
guacamole    | 26-Oct-2022 19:07:25.176 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            5.10.102.1-microsoft-standard-WSL2
guacamole    | 26-Oct-2022 19:07:25.177 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          amd64
guacamole    | 26-Oct-2022 19:07:25.178 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.352.b08-2.el8_6.x86_64/jre
guacamole    | 26-Oct-2022 19:07:25.178 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version:           1.8.0_352-b08
guacamole    | 26-Oct-2022 19:07:25.179 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:            Red Hat, Inc.
guacamole    | 26-Oct-2022 19:07:25.179 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:         /usr/local/tomcat
guacamole    | 26-Oct-2022 19:07:25.179 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:         /usr/local/tomcat
guacamole    | 26-Oct-2022 19:07:25.179 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs=
guacamole    | 26-Oct-2022 19:07:25.180 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/local/tomcat
guacamole    | 26-Oct-2022 19:07:25.181 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat
guacamole    | 26-Oct-2022 19:07:25.181 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/usr/local/tomcat/temp
guacamole    | 26-Oct-2022 19:07:25.181 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib]
guacamole    | 26-Oct-2022 19:07:25.263 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
guacamole    | 26-Oct-2022 19:07:25.290 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 789 ms
guacamole    | 26-Oct-2022 19:07:25.325 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
guacamole    | 26-Oct-2022 19:07:25.325 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/8.5.82]
guacamole    | 26-Oct-2022 19:07:25.331 SEVERE [Catalina-startStop-1] org.apache.catalina.startup.HostConfig.beforeStart Unable to create directory for deployment: [/usr/local/tomcat/conf/Catalina/localhost]
guacamole    | 26-Oct-2022 19:07:25.347 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/usr/local/tomcat/webapps/guacamole.war]
guacamole    | 26-Oct-2022 19:07:26.668 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
guacamole    | 19:07:27.051 [localhost-startStop-1] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
guacamole    | 19:07:27.220 [localhost-startStop-1] ERROR o.a.g.GuacamoleServletContextListener - Unable to read guacamole.properties: "/etc/guacamole/guacamole.properties" does not exist.
guacamole    | 19:07:27.224 [localhost-startStop-1] INFO  o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity.
guacamole    | 19:07:27.635 [localhost-startStop-1] INFO  o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support...
guacamole    | 26-Oct-2022 19:07:28.710 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/guacamole.war] has finished in [3,363] ms
guacamole    | 26-Oct-2022 19:07:28.714 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
guacamole    | 26-Oct-2022 19:07:28.725 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 3434 ms
postgres     | running bootstrap script ... ok
postgres     | performing post-bootstrap initialization ... ok
postgres     | syncing data to disk ... initdb: warning: enabling "trust" authentication for local connections
postgres     | You can change this by editing pg_hba.conf or using the option -A, or
postgres     | --auth-local and --auth-host, the next time you run initdb.
postgres     | ok
postgres     |
postgres     |
postgres     | Success. You can now start the database server using:
postgres     |
postgres     |     pg_ctl -D /var/lib/postgresql/data/guacamole -l logfile start
postgres     |
postgres     | waiting for server to start....2022-10-26 19:07:43.898 UTC [30] LOG:  starting PostgreSQL 12.12 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-10), 64-bit
postgres     | 2022-10-26 19:07:43.901 UTC [30] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
postgres     | 2022-10-26 19:07:43.907 UTC [30] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
postgres     | 2022-10-26 19:07:43.941 UTC [30] LOG:  redirecting log output to logging collector process
postgres     | 2022-10-26 19:07:43.941 UTC [30] HINT:  Future log output will appear in directory "log".
postgres     |  done
postgres     | server started
postgres     | CREATE DATABASE
postgres     |
postgres     |
postgres     | /usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/initdb.sql
postgres     | CREATE TYPE
postgres     | CREATE TYPE
postgres     | CREATE TYPE
postgres     | CREATE TYPE
postgres     | CREATE TYPE
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE TABLE
postgres     | CREATE TABLE
postgres     | CREATE TABLE
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE INDEX
postgres     | CREATE TABLE
postgres     | CREATE INDEX
postgres     | INSERT 0 1
postgres     | INSERT 0 1
postgres     | INSERT 0 6
postgres     | INSERT 0 3
postgres     |
postgres     |
postgres     | waiting for server to shut down.... done
postgres     | server stopped
postgres     |
postgres     | PostgreSQL init process complete; ready for start up.
postgres     |
postgres     | 2022-10-26 19:07:50.375 UTC [1] LOG:  starting PostgreSQL 12.12 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-10), 64-bit
postgres     | 2022-10-26 19:07:50.375 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
postgres     | 2022-10-26 19:07:50.375 UTC [1] LOG:  listening on IPv6 address "::", port 5432
postgres     | 2022-10-26 19:07:50.388 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
postgres     | 2022-10-26 19:07:50.395 UTC [1] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
postgres     | 2022-10-26 19:07:50.431 UTC [1] LOG:  redirecting log output to logging collector process
postgres     | 2022-10-26 19:07:50.431 UTC [1] HINT:  Future log output will appear in directory "log".
guacamole    | 19:08:13.517 [http-nio-8080-exec-10] WARN  o.a.g.r.auth.AuthenticationService - Authentication attempt from 172.29.0.1 for user "guacadmin" failed.

From: Michael Jumper <mjumper@apache.org>
Sent: Wednesday, October 26, 2022 2:04 PM
To: user@guacamole.apache.org
Subject: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin



Can you post your entire logs from the point that the Guacamole container started through the first authentication failure?

- Mike

On Wed, Oct 26, 2022 at 11:58 AM Tourville, Jeremy A CTR USARMY DEVCOM AVMC (USA) <jeremy.a.tourville.ctr@army.mil.invalid> wrote:
Hello,
I have been reading the manual and trying to figure out what I am doing wrong.  I presume I have a simple mistake somewhere or something that I have missed when reading the manual.

I set up a new instance of Guacamole using Docker and Docker Compose.

version: '3.0'

networks:
  guacnetwork:

services:
  guacd:
    container_name: guacd
    image: registry1.dso.mil/ironbank/opensource/apache/guacamole/guacamole-server:1.4.0
    networks:
      guacnetwork:
    restart: always

  postgres:
    container_name: postgres
    image: registry1.dso.mil/ironbank/opensource/postgres/postgresql12:12.12
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamoledb
      POSTGRES_PASSWORD: 'guacamole'
      POSTGRES_USER: 'guacamole'
    networks:
      guacnetwork:
    restart: always
    volumes:
    - ./init:/docker-entrypoint-initdb.d:z
    - ./data:/var/lib/postgresql/data:Z

  guacamole:
    container_name: guacamole
    image: registry1.dso.mil/ironbank/opensource/apache/guacamole/guacamole-client:1.4.0
    depends_on:
    - guacd
    - postgres
    environment:
      GUACD_HOSTNAME: guacd
      POSTGRES_DATABASE: guacamoledb
      POSTGRES_HOSTNAME: postgres
      POSTGRES_PASSWORD: 'guacamole'
      POSTGRES_USER: 'guacamole'
    links:
    - guacd
    networks:
      guacnetwork:
    ports:
    - 8080:8080/tcp
    restart: always

I have observed the following:

  1.  The general setup of the containers works and no containers are restarting due to misconfigurations or errors.
  2.  The web UI is available.
  3.  The logs show the database is created and the schema is applied to the DB.
  4.  I can see the guacadmin user account creation is part of the init script.
  5.  When I try to log in via the web UI as guacadmin I get the error message “Invalid Login”.
  6.  docker logs -f guacamole shows:

16:15:17.956 [http-nio-8080-exec-4] WARN  o.a.g.r.auth.AuthenticationService - Authentication attempt from 172.28.0.1 for user "guacadmin" failed.

Why is auth failing?  I did review the GUACAMOLE_HOME/extensions and GUACAMOLE_HOME/lib directories.

Extensions folder contains a file:
guacamole-auth-jdbc-postgresql-1.4.0.jar

Lib folder contains a file:
postgresql-42.3.3.jar

My guacamole.properties is as follows:

# guacamole.properties - generated Wed Oct 26 14:53:23 UTC 2022
guacd-hostname: guacd
guacd-port: 4822
postgresql-username: guacamole
postgresql-password: guacamole
postgresql-database: guacamoledb
postgresql-hostname: postgres
postgresql-port: 5432

Everything seems to be generally correct based on what I have read.  What else can someone suggest to troubleshoot?

Jeremy



RE: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin

Posted by "Tourville, Jeremy A CTR USARMY DEVCOM AVMC (USA)" <je...@army.mil.INVALID>.
Thank you Mike!  I knew asking in this forum was a bit of a long shot.  Your explanation makes sense.  The vendor doesn’t provide much in the way of support that I am aware of.  I couldn’t find any directions on how to deploy the image properly except for the link that points back to your original guacamole image.
Your response is very appreciated.

From: Michael Jumper <mj...@apache.org>
Sent: Monday, October 31, 2022 4:57 PM
To: user@guacamole.apache.org
Subject: Re: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin



On Mon, Oct 31, 2022 at 11:46 AM Tourville, Jeremy A CTR USARMY DEVCOM AVMC (USA) <je...@army.mil.invalid> wrote:
This isn’t my own custom image per se.  The image URL is from Iron Bank.  https://ironbank.dso.mil/about
“The Iron Bank is the DoD repository of digitally signed, binary container images that have been hardened and accredited for DoD-wide use across classifications. All containers provide a variety of information such as their build and approval date, approval status, scan results, and more. The goal is to provide a place where DoD programs can find and utilize cutting-edge software and tools for their programs! Prior to creating a new container image, DoD programs can now check to see if the software they want to use is already containerized and exists in the Iron Bank for their use. If no container image exists, requests can be made with the Iron Bank onboarding team to add the container to our list. All containers must be sponsored by a DoD program or directly by a vendor.”

The Iron Bank Image is derived from the Guacamole image.  They take the image and rebase it.  They also try to harden all images for security.

You'll definitely need to reach out to your vendor with respect to their image. We can't help with a third-party image (but can if you retry with the image we provide). If your vendor isn't sure what's going on, feel free to direct them to this list and perhaps we can help them.

That being said, I will take a look at the location you referenced.  I had seen other forums mention that path and some seemed to indicate it was a false positive.

It indicates at least that the image deviates from the image we provide, and it directly affects whether Guacamole can find its configuration files. If the log messages state that GUACAMOLE_HOME is "/etc/guacamole", but that's not where guacamole.properties is, then things will definitely not work. Here's what things normally look like:

21:47:20.082 [localhost-startStop-1] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/home/guacamole/.guacamole".
21:47:20.242 [localhost-startStop-1] INFO  o.a.g.GuacamoleServletContextListener - Read configuration parameters from "/home/guacamole/.guacamole/guacamole.properties".

Reading from /etc/guacamole instead is fine, but if your image can't find its guacamole.properties at all, then your vendor has broken something in their image.

- Mike


Re: [URL Verdict: Neutral][Non-DoD Source] Re: Guacamole on Docker Failed Login for guacadmin

Posted by Michael Jumper <mj...@apache.org>.
On Mon, Oct 31, 2022 at 11:46 AM Tourville, Jeremy A CTR USARMY DEVCOM AVMC
(USA) <je...@army.mil.invalid> wrote:

> This isn’t my own custom image per se.  The image URL is from Iron Bank.
>  https://ironbank.dso.mil/about
>
> “The Iron Bank is the DoD repository of digitally signed, binary container
> images that have been hardened and accredited for DoD-wide use across
> classifications. All containers provide a variety of information such as
> their build and approval date, approval status, scan results, and more. The
> goal is to provide a place where DoD programs can find and utilize
> cutting-edge software and tools for their programs! Prior to creating a new
> container image, DoD programs can now check to see if the software they
> want to use is already containerized and exists in the Iron Bank for their
> use. If no container image exists, requests can be made with the Iron Bank
> onboarding team to add the container to our list. All containers must be
> sponsored by a DoD program or directly by a vendor.”
>
>
>
> The Iron Bank Image is derived from the Guacamole image.  They take the
> image and rebase it.  They also try to harden all images for security.
>

You'll definitely need to reach out to your vendor with respect to their
image. We can't help with a third-party image (but can if you retry with
the image we provide). If your vendor isn't sure what's going on, feel free
to direct them to this list and perhaps we can help them.

> That being said, I will take a look at the location you referenced.  I had
> seen other forums mention that path and some seemed to indicate it was a
> false positive.
>

It indicates at least that the image deviates from the image we
provide, and it directly affects whether Guacamole can find its
configuration files. If the log messages state that GUACAMOLE_HOME is
"/etc/guacamole", but that's not where guacamole.properties is, then things
will definitely not work. Here's what things normally look like:

21:47:20.082 [localhost-startStop-1] INFO
 o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is
"/home/guacamole/.guacamole".
21:47:20.242 [localhost-startStop-1] INFO
 o.a.g.GuacamoleServletContextListener - Read configuration parameters from
"/home/guacamole/.guacamole/guacamole.properties".

Reading from /etc/guacamole instead is fine, but if your image can't find
its guacamole.properties at all, then your vendor has broken something in
their image.

- Mike
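
An added example, not part of any message in this thread and not Guacamole project code: a small log triage script that applies the check discussed above, comparing the reported GUACAMOLE_HOME with whether guacamole.properties was actually read, and listing login failures logged after that startup. The function names and the file name `guac_triage.py` are illustrative; the two sample logs are the lines quoted in this thread.

```python
import re
import sys

# Message formats copied from the log lines quoted in this thread (Guacamole 1.4.0).
HOME = re.compile(r'GUACAMOLE_HOME is "([^"]+)"')
READ_OK = re.compile(r'Read configuration parameters from "([^"]+)"')
READ_FAIL = re.compile(r'Unable to read guacamole\.properties: "([^"]+)" does not exist')
AUTH_FAIL = re.compile(r'Authentication attempt from (\S+) for user "([^"]+)" failed')

# Sample 1: lines from the docker-compose output posted in the thread.
BROKEN = """
guacamole    | 19:07:27.051 [localhost-startStop-1] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
guacamole    | 19:07:27.220 [localhost-startStop-1] ERROR o.a.g.GuacamoleServletContextListener - Unable to read guacamole.properties: "/etc/guacamole/guacamole.properties" does not exist.
guacamole    | 19:08:13.517 [http-nio-8080-exec-10] WARN  o.a.g.r.auth.AuthenticationService - Authentication attempt from 172.29.0.1 for user "guacadmin" failed.
"""

# Sample 2: the "normal" startup lines from the reply, hard-wrapped as the mail archive shows them.
GOOD_WRAPPED = """
21:47:20.082 [localhost-startStop-1] INFO
 o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is
"/home/guacamole/.guacamole".
21:47:20.242 [localhost-startStop-1] INFO
 o.a.g.GuacamoleServletContextListener - Read configuration parameters from
"/home/guacamole/.guacamole/guacamole.properties".
"""


def last(pattern, text):
    """Return the last match of pattern in text, or None (a log may span restarts)."""
    found = None
    for found in pattern.finditer(text):
        pass
    return found


def triage(log_text):
    """Report where the webapp looked for its configuration and whether it found it."""
    # Collapse whitespace so lines hard-wrapped by a mail client still match.
    text = re.sub(r"\s+", " ", log_text)
    home, ok, fail = last(HOME, text), last(READ_OK, text), last(READ_FAIL, text)
    if fail and (not ok or fail.start() > ok.start()):
        status, path = "missing", fail.group(1)
    elif ok:
        status, path = "ok", ok.group(1)
    else:
        status, path = "unknown", None
    # Only count login failures logged after the most recent startup.
    since = home.start() if home else 0
    failures = [m.groups() for m in AUTH_FAIL.finditer(text, since)]
    return {
        "home": home.group(1) if home else None,
        "status": status,
        "properties": path,
        "auth_failures": failures,
    }


if __name__ == "__main__":
    # Usage: python guac_triage.py saved.log   (no argument: run on the BROKEN sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            log = fh.read()
    else:
        log = BROKEN
    report = triage(log)
    print(report)
    sys.exit(1 if report["status"] == "missing" else 0)
```

A "missing" status followed by authentication failures matches the situation described in the reply above: the webapp started without the guacamole.properties generated by the image's entrypoint.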